Cybercrime & Digital Threats

A phishing site was found using a spoofed Netflix page to harvest account information, credit card credentials, and other PII.

A spam campaign using emails that have Excel file (.xls) attachments has been seen circulating and targeting users in Italy.

Cybercriminals are using credential phishing sites to trick users into entering their credentials into fake login pages of email and collaboration platforms and videoconferencing apps.

Many attackers are switching from file-based malware to memory-based attacks to improve their stealth. “Fileless,” “zero-footprint,” or “living off the land” threats use legitimate applications to carry out malicious activities.

We recently acquired a spam sample that propagates the Loki infostealer through LZH compressed archive files.

A campaign propagates a new malware named ‘BazarBackdoor’, a fileless backdoor reportedly created by the same threat actors behind TrickBot.

Threat actors take advantage of the spread of COVID-19 for malicious campaigns. Goods and services related to the virus also appear in underground marketplaces and cybercriminal forums.

Is your work-from-home set up secure? Here are a few signs to know if your devices have been hacked or infected with malware.

A variant of Loki info stealer that we detected through our honeypot is propagated as Windows CAB file email attachments. It uses process hollowing to evade detection.